Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 











Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Ex-FBI agent on Volt Typhoon

August 2024 by Adam Marrè, Chief Information Security Officer at Arctic Wolf

Following the news Versa servers were breached by Volt Typhoon, the comment below from Adam Marrè, Chief Information Security Officer at Arctic Wolf. Adam is an ex-FBI agent where he focused on combatting cybercrime and is now CISO at Arctic Wolf, a global cybersecurity company. Adam discusses how this latest attack is just the latest in a long string of attacks the Volt Typhoon group has conducted, and why this particular attack is so concerning.

Much like power grids and water systems, the ubiquity of internet access has made it a core piece of our critical infrastructure. As the backbone of societal operations around the world – it isn’t surprising we’re seeing more and more attacks that target internet service providers specifically; similar to the Halliburton attack last week.

This exploitation conducted by Volt Typhoon is another example in a long string of attacks that the group has conducted. The People’s Republic of China continues to be the most concerning strategic adversary to the United States. These actions, and many others over the last few years, show us that the cyber elements of the PLA, as exemplified by Volt Typhoon, are preparing for possible conflict and continuing to steal intellectual property and other information at an aggressive pace.

This isn’t just a worry for the US, but for the UK and beyond. Previously, we’ve seen APT 27 and other groups launch similar attacks across the EMEA region – with German authorities naming the gang as responsible for attacks on German pharmaceutical and technology companies.

This attack targeting Versa servers allows the hackers to pivot into the many other networks connected to Versa’s servers. We’ve seen this tactic leveraged time and time again in major incidents like the SolarWinds breach – further proving how critical it remains to have visibility and control over the security of each application in your supply chain to mitigate the risk of hackers compromising your organization through a third-party vendor.


See previous articles

    

See next articles












Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts